Service
Cybersecurity
Active defence, not just monitoring. We assume your business will be targeted — and design accordingly.
EDR · MFA enforcement · Phishing simulation · Security awareness training · Incident response · Vulnerability scanning · Dark-web monitoring · Email security.
Book a Cybersecurity assessment →What we mean by Cybersecurity
Doors locked. Cameras on. Someone watching the screens.
Most South African businesses we audit have antivirus from 2018, a Wi-Fi password the receptionist’s nephew knows, and an Excel sheet called “passwords.xlsx” on the shared drive. They’re not negligent — they’re busy. But that’s exactly the profile attackers look for.
Our cybersecurity pillar covers the active side of security: detection, response, training, and the policies that hold up when a regulator or insurer comes asking. It works alongside our RMM pillar (which handles the patching + monitoring side) — together they form a proper layered defence.
We’re not a SOC, and we don’t pretend to be. For deep incident-response or red-team work we partner with specialists. What we do is make sure the basics that catch 90% of attacks are actually in place, working, and producing evidence you can show.
What we cover
Six layers, working together.
Defence in depth — if one layer fails, the next catches it. None of these are theoretical.
EDR — Endpoint Detection & Response
Beyond classic antivirus. Behavioural detection that catches ransomware partway through encryption, isolates the device automatically, and gives us the forensics to know what they touched. Defender for Business or SentinelOne — chosen per client.
MFA enforcement, everywhere
Multi-factor on every email account, every VPN, every admin login. The single highest-leverage security control there is — Microsoft says it stops 99.2% of automated account-takeover attacks. We turn it on, we make sure no one gets to disable it.
Email security + DMARC
Anti-phishing scanning, attachment sandboxing, and SPF/DKIM/DMARC properly aligned so attackers can’t spoof your domain. Most South African businesses we audit have DMARC at p=none — we move them to p=reject in stages.
Phishing simulation + awareness training
Quarterly simulated phishing campaigns. Click-rates tracked per user. Anyone who clicks gets a 90-second micro-lesson, not a public shaming. Annual cyber-awareness module — short, in plain English, with a certificate the auditor likes seeing.
Vulnerability scanning + remediation
Monthly authenticated scans across servers, endpoints, and network gear. Critical and high CVEs patched within an agreed SLA. Quarterly executive summary with risk trend and what changed. The same scan output an insurer will ask for.
Incident response plan
Documented IR runbook tailored to your business. Who to call, in what order, with what authority. We walk through it once a year with the leadership team (most have never done this — the first 90 minutes after a breach are where things go wrong).
What runs while you sleep
The night shift is automated.
South African business hours are 08:00–17:00. Attackers run 24/7, mostly from time-zones eight hours ahead. We’ve set the night shift up so it doesn’t need to wake anyone unless there’s a real problem.
- ✓ EDR scans every endpoint, isolating anything suspicious
- ✓ Failed login attempts aggregated & flagged (especially weekend bursts)
- ✓ Impossible-travel logins detected (your CFO can’t be in Cape Town and Beijing within 2 hours)
- ✓ Dark-web monitoring for your domain + key staff emails
- ✓ New external-facing services discovered & baseline-scanned
- ✓ Backup snapshots verified ransomware-immutable
- ✓ Privileged-account activity logged & reviewed weekly
- ✓ Phishing-blocked emails logged — counted in the quarterly report
What you can show the board (or the insurer)
Evidence, not vibes.
Quarterly security report
One A4 page for the board. Threats blocked, training completion, vulnerability trend, MFA coverage percentage. No jargon, no hand-waving.
Cyber insurance attestation
The questionnaire the insurer sends you, answered correctly with evidence to back each line. We help you fill it — or just fill it for you. Saves the 4-hour finance-team scramble before renewal.
Incident response runbook
Printed, laminated, kept where reception can find it. Updated quarterly. Tested annually. Has saved real clients real money when phones started ringing at 02:00.
What we won’t do
We won’t pretend we’re a SOC. We won’t sell you a SIEM you don’t need. We won’t put you on a 36-month appliance lease. When you genuinely need offensive testing or forensics, we bring in partners we trust — named upfront, not marked up.
“We were drowning in user tickets and 3am server alerts. Two years on Burika’s managed support, our team hasn’t seen an after-hours incident — and our staff actually like calling IT now.”
— IT Manager, EurekaIT, Johannesburg
“Burika audited our setup, fixed three POPIA gaps we didn’t know we had, and now monitors everything quietly. Our MD finally stopped asking me “are we covered?””
— Operations Director, Joubea